Friday News & Notes

Dale Peterson

Mark Clayton of the Christian Science Monitor broke the story of a 6-month spear phishing campaign on 23 gas pipeline companies. “Sensitive files were stolen that could give a cyberintruder the ability to control, or alter the operation of the pipelines, including usernames, passwords, personnel lists, system manuals, and pipeline control system access credentials, the report says.”

Stuxnet is the story with a million twists and turns. This week’s addition is a great Symantec whitepaper – Stuxnet 0.5: The Missing Link. This early version of Stuxnet was sent to a malware scanning service November 2007. There is a lot of good information on the 417 attack, and Ralph Langner chimes in on how it agrees and differs from their analysis.

Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.